10/29/2022 Changes in v5.4.5-3 ================================== - Integrate working version of Sendmail::PMilter (milter) (Version 1.2x from CPAN not working with postfix currently) 10/09/2022 Changes in v5.4.5-2 ================================== - Remove v5.4.5-1 from beta - Fix dat file check not allowing files through - Fix attachment mode not adding new MIME header - Fix external message warning not always appearing - Fix extraneous newline appearing in received header (milter) - Bump milter to v1.7 07/03/2022 Changes in v5.4.5-1 ================================== - Add support for unrar v6x - Add f-secure-12 support for allow password-protected archives 02/20/2022 Changes in v5.4.4-1 ================================== - Override Filetypes feature - Generalize detection of dat files - Improved handling of milterout queue files - Unfold Received header (postfix/sendmail) - Ensure HTTP::Date perl module is installed - Fix IP::Country::DB_File (Suse) 01/04/2022 Changes in v5.4.3-2 ================================== - Remove default hosted 1x1spacer.gif - Include base64 encoded 1x1 spacer - Add missing file wrappers to packages 11/28/2021 Changes in v5.4.3-1 ================================== - Refine HTML Disarm logic (detect premature pipe end) 11/25/2021 Changes in v5.4.2-3 (beta) ================================== - Revised logic for HTML Disarm (close in child only) 11/14/2021 Changes in v5.4.2-2 (beta) ================================== - Eliminate queue id change in MSDiskStore.pm 11/14/2021 Changes in v5.4.2-1 (beta) ================================== - Check for /usr/local/bin in path for ms-configure - ESETS EFS Support - Milter cleanup after restart - MSMilter handle file handling before DISCARD - Set F-Secure to use ScanOptions - Close pipe in parent only for HTML Disarm - Milter Authenticated Spam Skip enhancements - Fix Received header detection in MSMilter - F-Secure 12 Support - Limit queue processing to child-owned queue files in MSMail.pm - Properly detect permfails with code 5xx in MSMail.pm 09/19/2021 Changes in v5.4.1-3 (beta) ================================== - Support for F-Secure version 12+ - Milter queue processing for child-owned queue files 08/08/2021 Changes in v5.4.1-2 ================================== - Update inline.internal.warning.html (translation) - Update inline.external.warning.html (translation) - Declare code in v5.4.1-1 production ready 01/25/2021 Changes in v5.4.1-1 (beta) ================================== - Option to ignore DAT file type check - Fix TNEF unparse behavior and work file permissions/ownership - Reset opts variable causing unwanted notifies - Fix mangling of sender in pre-header (preserve first occurrence) 12/04/2020 Changes in v5.3.4-3 ================================== - Ignore QP DOS Failure option and body fix - Process all links during phishing checks - Output to stdout/stderr when running in foreground mode 11/04/2020 Changes in v5.3.4-2 ================================== - Revert milter substitution of RCPT TO 09/07/2020 Changes in v5.3.4-1 ================================== - Add RFC 3461 RCPT TO Service Extension support (milter) - Change Received header continuation spacing to tabs (milter) - Fix pair of typos in ms-configure (rhel) 05/12/2020 Changes in v5.3.3-1 ================================== - Fix broken MIME Filetype logic - Add support for the Kaspersky Scan Engine AV - Add support for the Avast Daemon AV Engine - Remove duplication in AV code - Add support for the F-Prot Daemon Anti-virus Engine - Add support for the F-Secure Daemon Anti-virus Engine - Add support for the Sophos SAVID Daemon Anti-virus Engine - Simplify build scripts - Move new builds to release tags 04/25/2020 Changes in v5.3.2-2 ================================== - Fix errors with exim RBL bypass 04/25/2020 Changes in v5.3.2-1 ================================== - Support bypass of RBLs for authenticated connections in Exim - Fix quarantining of relay rejected emails (milter) - Eval WordDecoder in Exim 04/17/2020 Changes in v5.3.1-3 ================================== - Include /usr/local/bin and /usr/local/sbin in ms-cron PATH 04/11/2020 Changes in v5.3.1-2 ================================== - Rollback strategy for spamassassin on failure (RHEL/SUSE) 04/11/2020 Changes in v5.3.1-1 ================================== - Detect DOS attempt in Quoted Printable MIME parts (Security Fix) - Support for latest RHEL, Debian, SuSE - Support latest SpamAssassin (3.4.4) - Require latest SpamAssassin (Use CPAN) - Use cpanminus by default - Disable config check for removed settings - Update Clamd socket path (RHEL) - Add PowerTools option (RHEL 8) 01/19/2020 Changes in v5.2.2-1 ================================== - Fix LocalSocket substitution in latest clam config (path changed) - Set ownership of milter queues during ms-configure - Correct naming of debian package - Unpack img files and include all unpackable file extensions - Preserve all header flags in Sendmail - Remove deprecated clamav functions - Fix File MIME Types checking - Support for new Exim 4.93 queue format - Update de rules translations - Add report substitution to ReadExternalWarning 11/15/2019 Changes in v5.2.1-2 ================================== - Add QUICKPEEK variable to msmilter-init - Add libdb-dev missing debian dependency - clamavmodule (Mail::ClamAV) deprecated with warning 11/03/2019 Changes in v5.2.1-1 ================================== - External message warning support - Scan silent viruses also for spam option - Fix silent virus delivery behavior - Keep batch during A/V scan failure and back off for 30 seconds - RHEL/CentOS setenforce 0 (install) - Move ownership and permissions to post (install/update) - Eval WordDecoder Subject - Allow scan 7z archives if 'Find Archives By Content = no' - Use correct callback in debug message in milter - Honor whitelistmaxrecips in milter - Refactor to host MailScanner using standard package management 03/03/2019 Changes in v5.1.3-3 (unreleased) ================================== - Additional checks for empty queue id in milter - Update esets-wrapper-README and make sudo optional - Better process kill handling during stop - Reap children when stopping milter - Fix temp file cleanup in milter during stop - Ignore Denial of Service option (workaround) - Add additional base packages to debian install 01/27/2019 Changes in v5.1.3-2 ================================== - Add sudo and README for esets-wrapper - Handle ipv6 packed socket properly in MSMilter - Fix path for avg-wrapper in virus.scanners.conf - Fix AVG output parsing in SweepViruses.pm - Fix absolute path in Sophos output parsing in SweepViruses.pm - Add config option for mailto phishing highlighting 12/23/2018 Changes in v5.1.3-1 ================================== - Use literal 'mailto:' for mailto phishing detection - Handle HTML entities in mailto phishing detections - Enforce 7 bit characters for filename checks - Revert decode_headers workaround - Esets catch error reading archive - FixSubstringBoundaries removed - Add "for <...>; date-time" to MSMilter Received: header. - Milter add 'Authenticated' note to Received: header for SASL auth mail - Milter refactor to capture real postfix id - Remove CRs for QMQP processing - Display correct log warning for QMQP socket - Milter QMQP support added - Option to reveal URLs in links added - Add support to detect mailto: phishing - Get rid of artifacts in AVG output lines - Check for Run As User during postinst and use if defined (debian) - Refactor milter to support multiple emails per session - Fix missing subject field following a To: header - Quarantine support option for DOS protection added - Fix milter to allow modified recipients - Add postfork support to milter - Fix milter adding previous message recipients 10/26/2018 Changes in v5.1.2-2 ================================== - Disable rbl check if user is authenticated (postfix) - Preserve utf-8 header data - Add additional services to systemd unit - Simplify esets output - Add newline to virus.scanners.conf - Exclude predata headers in quarantine files (milter) 10/20/2018 Changes in v5.1.2-1 ================================== - Patch Mail::ClamAV to allow install for SuSE builds - 7zip handle spaces in filenames - Clamd full message scan - Detect fax and tel links - mime_perl_to_string fix for ignored handler - Add Kaspersky Linux Mail Server support - Ignore "archive damaged" in esets scanner output - Cleanup reports, add en_uk reports - Workaround MIME::Parser failing to decode UTF-8 - Refactor milter to fully support multiple original recipients - Refactor milter to support large messages - Refactor milter to reject blacklisted emails early - Fix off by one header add in milter - Look for all recipient records in DeleteRecipients - Update milter doc to 1.3 - Remove invalid Apparmor code in debian package - Fix condition concatenation in ms-update-phishing - Fix mktemp in clamav-wrapper for FreeBSD11 - Add DrWeb virus scanner support - Fixes for clamav on rhel variants 08/25/2018 Changes in v5.1.1-1 ================================== - Remove space in "Clam AV" - Support enable_original_recipient=no in postfix - Check CPANOPTION and add verbosity - Better AV scanning loop with retry attempts - Refactor AV scanning loop - Revert escaping spaces in unrar (already strict quoted) - Cluster friendly update scripts (check for PID before restarting) - Milter support option for MailScanner - Fix postfix long queue ids getting suffixed with key - Support ClamAV 0.100.1+ configuration change in RHEL/CentOS 7 06/17/2018 Changes in v5.0.7-4 ================================== - Switch to gzipped phishing update files - Fix for no virus scanner defined - Fix configuration chaining for SA rules actions in rulesets - Fix mime decoding deprecation - Allow wildcards in phishing lists - Update MIME::Tools using CPAN - Fix removal of MailScanner.conf if MailScanner is removed - Add support for Fedora 28 - Add perl-LWP-Protocol-https (RHEL Variants) 04/29/2018 Changes in v5.0.7-3 ================================== - Fix copy of CustomFunctions directory in debian install - Fix untaint of $safename var in unpack7zip - Respect process exit code of Message::SafePipe - Fix systemd file syntax in RHEL/CentOS - Remove rotating indication in ms-init - Add ldconfig to end of install.sh 02/03/2018 Changes in v5.0.7-2 ================================== - Use mtagroup for tmpfiles.d clamd.scan (CentOS/RHEL 7) - Remove spaces from CURLORWGET = 'wget' - Fix one typo and a bit of grammar in DE translations - Fix ms-update-sa reload for systemd - Fix ms-update-bad-emails for systemd - Change current working directory on MailScanner invocation - Fix ms-update-phishing to suppress cron output - Remove support for systemd reload - Use /etc/tmpfiles.d for /var/run/clamd.scan configuration (CentOS/RHEL 7) - Update ms-update-phishing to use restart instead of reload 12/25/2017 Changes in v5.0.7-1 ================================== - Fix parsing an email address into local-part and domain - Fix syntax in Debian/postrm - Escape space before passing to unrar extract - Add gz to unzipable files - Only run freshclam if it is not running yet (debian) - 7zip support - Remove execute flag on systemd service (debian) - Add update flag to install.sh - Fix configuration chaining for spamassassin rules actions - Add --force for cpanm - CentOS/RHEL 7 clamav configuration support - Fix broken clamav install prompt block - Include 2 perl modules for spammassassin from debian tree - Support for Fedora 27 - Fix install.sh modifying clamav-wrapper before MailScanner is installed - Add mariadb as a prerequisite service for mailscanner systemd unit 09/29/2017 Changes in v5.0.6-5 ================================== - Return result of mta installation - Automation flags for all major distros - Fix config filename to mcp.spamassassin.conf - Point broken links to wayback machine for mcp - Properly detect long queue IDs for postfix - Preserve MailScanner.conf during upgrade - Fix finding of configured SyslogFacility - Properly suppress removing ms-sendmail init output 08/28/2017 Changes in v5.0.6-4 ================================== - Fixes and enhancements for ms-update-phishing - Remove execute bit on systemd files - Return code check added for ms-init during service reload - Update documentation - Add ms_cron_ps_restart to /etc/MailScanner/defaults 08/20/2017 Changes in v5.0.6-3 ================================== - New phishing sites update script - Unattended install options for debian build - Fix for exim queue processing - ms-init fixes - Fix debian not installing sendmail - Fix SuSE not installing packages via zypper - Suppress freshclam error output during install - Fix missing libbz2-devel package on suse builds - Fix MailScanner.conf not getting updated and merged 07/24/2017 Changes in v5.0.6-2 ================================== - Bring Spam List documentation in line with current spam.lists.conf. - Fix typo in sender.filename.report.txt (fr) - Better systemd detection - Prevent ms-init from mistaking itself as a MailScanner process 07/16/2017 Changes in v5.0.6-1 ================================== - Updated ms-update-bad-sites to quiet curl and wget - Updated ms-update-safe-sites to quiet curl and wget - Fix race condition in ms-init during restart - Add systemd support for ms-init using ms-systemd script - Add ms-sendmail-init script to correctly start sendmail for mailscanner on init for RHEL based systems - Add ms-sendmail, ms-sendmail-in, and ms-sendmail-out systemd support scripts on RHEL based systems - Update build scripts for systemd support 04/08/2017 Changes in v5.0.5-1 ================================== - updated SweepContent.pm to allow application/ld+json scripts when Allow Script Tags = no in Dangerous Content Scanning - Updated Postfix.pm and PFDiskStore.pm to use long queue IDs - issue #34 - Updated Postfix.pm to work with both FIFO and UNIX pipes - rar fix to allow spaces in file names - removed some unneeded packages from ms-perl-check - fix for HTML tag is split across multiple lines - issue #43 - unrar fix - issue #33 - added rblspamreport to reports - issue #45 - update logging for all spam actions taken - issue #36 - increased free disk space check from 100k to 10m - issue #40 - removed re2c conf item in defaults - not used - updated InPhishingWhitelist and InPhishingBlacklist to not check host.* as it is incompatible with the current structure 11/10/2016 Changes in v5.0.4-4 ================================== - updated RHEL/Debian/SuSE install scripts - updated cron job scripts - updated init script - changed Debian upstart from 80/20 to 80/80 - updated RHEL packages in install.sh - updated SuSE packages in install.sh - Postfix double scan during custom fix - fixed ms-init and ms-check - fixed ramdisk portion of install scripts - fixed perl module declarations 08/14/2016 Changes in v5.0.3-7 ================================== - updated init script to include a time-wait for pid files during process reloads and restarts - updated Message.pm to correctly prepend phishing notices in email subject - added avast virus scanner support - added esets virus scanner support - added new function InitClamdParser to SweepViruses.pm - added new function ProcessClamdOutput to SweepViruses.pm 05/23/2016 Changes in v5.0.2-1 ================================== - updated chmod permissions from 0600 to 0660 on work files to address permission issues with clamd reading header files 05/23/2016 Changes in v5.0.1-2 ================================== - fixed install.sh for ms-upgrade-conf 05/22/2016 Changes in v5.0.1-1 ================================== - added logging of failed HTML disarms to Message.pm 05/13/2016 Changes in v5.0.0-9 ================================== - RHEL installer correction: creation of /etc/mail/spamassassin/mailscanner.cf - start levels 80 20 set in Debian and RHEL - ms-sa-update corrected - errant removal of /usr/lib/MailScanner corrected - added checks to remove init.d scripts or links pre-install - added remove to update-rc.d and chkconfig pre-install - added add to update-rc.d and chkconfig post-install - corrected missing variable in RHEL install.sh script - installers refined and updated 04/30/2016 Changes in v5.0.0-1 ================================== - New Release